Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Envato WoWonder 安全特征问题漏洞
Vulnerability Description
Envato WoWonder是澳大利亚 (Envato)公司的一个应用软件。提供一个PHP社交网络脚本。 WoWonder 存在安全特征问题漏洞,该漏洞源于在WoWonder 3.0.4中的recovery .php的加密算法较弱。攻击者可利用该漏洞接管任何账户。代码参数很容易从一天的时间预测。
CVSS Information
N/A
Vulnerability Type
N/A